With the proliferation of computer networks that can access unsecure networks, such as the Internet, security breaches and loss of secure information has become commonplace. There are numerous examples of corporate/government sites being hacked to obtain information, such as credit card information, medial records, top secret military information, proprietary corporate information, and the like. To prevent these types of security breaches, many corporations/governments have focused on protecting security breaches by focusing on protocols associated with data security. For instance, a firewall can be administered to only allow data access using defined ports (e.g., only allowing HTTP port 80 for data access). Other techniques such as signaling encryption (TLS) and media encryption (SRTP) can also be used. These techniques make an underlying assumption that the transaction of data transfer is legitimate and authorized.
As a result, hackers have become creative in devising different ways to attack corporate/governmental security. For example, hackers have designed malware that can be used to upload secure information from a computer by disguising the upload of the secure information as a voice or video call. Since a voice or video call can last for a long duration, it is often difficult to distinguish a legitimate voice or video call from one produced by malware. This technique is often called “exfiltration”, since it is the ability to pull information outside the enterprise or government entity over a legitimate use protocol and port without the enterprise or government entity knowing about it.